REMARKS 



Claims 1-20 are currently active. 

The Examiner has objected to the length of the abstract. The abstract has been 
amended to be a shorter length. 

The Examiner has rejected Claims 1-3 and 13-14 as being unpatentable over 
Abraham in view of Stein. Applicant respectfully traverses this rejection. There is no 
teaching or suggestion of a switch with respect to the first inspection engine and a second 
inspection engine as claimed. 

Referring to Abraham, there is simply taught a plurality of networks in 
relationship with each other. Abraham teaches the Internet 40 is a collection of local area 
networks 44, wide area networks 46, and routers 42 that use the transmission control 
protocol/internet protocol to communicate with each other. Figure 2 illustrates a local area 
network 44 such as that typically connected to the Internet 40. The local area network 44 is a 
bus network and connecting various clients and servers. The local area network 44 can be 
formed by various coupling media such as glass or plastic fiber optic cables, coax cables, 
twisted wire pair cables, ribbon cables. Computers interconnected by the local area network 
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44 include a plurality of client computers 52. These client computers equipped with at least a 
graphical user interface component are known as administrative clients 54. Operators of the 
administrative clients are organized into three hierarchical levels of the administration, namely 
a system administrator, a mid-level administrator and the manager. The system administrator 
is capable of setting specific policies for the users of the local area network 44 regarding what 
type of services and information each user may have access to on the Internet 40. The mid- 
level administrator and manager, have more limited capabilities. The local area network 44 
includes a domain controller server 60 that keeps track of what users are logged into which 
client computers 52 and which administrative computers 54 at any given time. When a user 
logs into a client computer 52, the user is said to have started a session with a local area 
network 44. The main controller server 60 captures a record of this session and stores the 
logic name of the user and computer name or host name of the computer logged into by the 
user. 

The local area network 44 is insulated from the Internet 40 by a fire wall server 
48 which tracks and controls the flow of all data packets passing through it through the 
transmission control protocol/Internet protocol. The firewall 48 protects the local area 
network 44 from malicious inbound IP packet traffic, but does not allow users of the local area 
network 44 to dynamically determine to which information and services on the Internet users 
of the local area network 44 may have access. All inbound IP packet traffic from the Internet 



40 passing through the firewall 48 and all outbound IP packet traffic from the local area 
network 44 passes through a network server 50 equipped with a network operating system that 
coordinates this transfer of data packets. See column 5, line 26-column 6, line 18. 

As is clear from the above text, and teachings, that Abraham recognizes and 
teaches the use of a fire wall but in no way is their any consideration of using a switch to 
direct traffic specifically to the firewall and out of the line with any network, as found in the 
Claim 1 of applicant. 

Referring to Stein, there is disclosed web security. Pages 394-399 are directed 
to the outgoing Web access which focuses on commands in the packet filter for what has 
described in table 14.1. There is no discussion whatsoever regarding a switch, or even any 
type of architecture whatsoever. 

Beginning on page 399 of Stein, there is taught incoming Web access. Stein 
teaches in figures 14. 3C, 14. 3D and 14. 3E various architectures for positioning of a firewall. 
These architectures are called the private affair or the doubly fortified or the demilitarized 
zone architectures. All of these architectures fail to teach anywhere the use of a switch, let 
alone a switch connected to a first inspection engine or a second inspection engine which are 
not in line with the internal network and the external network. Stein teaches to direct traffic 
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from the router to the firewall and then from the firewall directly to the network. See page 
43. 



There is no teaching or suggestion anywhere in the applied art of record of a 
first inspection engine and a second inspection engine connected to the switch and not in line 
with the internal network and the external network, which receives traffic from the switch, 
processes the traffic to determine whether it is desired traffic or undesired traffic, which 
prevents undesired traffic from passing through it and which sends desired traffic back to the 
switch, as found in Claim 1 of applicant. 

Applicant respectfully requests the Examiner to point out in Stein where the 
language exists that supports or teaches this limitation. Applicant respectfiiUy submits that 
Claims 1-3 and 13-14 are patentable over Abraham in view of Stein for the reasons stated 
above. 

The Examiner has found Claims 4-12 and 15-20 as allowable. 



In view of the foregoing amendments and remarks, it is respectfully requested 
that the outstanding rejections and objections to this application be reconsidered and 
withdrawn, and Claims 1-20, now in this application be allowed. 
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